Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/3130332e31302e36322e302f32342d3234203d3e203338373538.roa
File:                     3130332e31302e36322e302f32342d3234203d3e203338373538.roa (raw, json)
Hash identifier:          hTbBDTsrCM+36FDPUmGAvzk0vwyC1n0N7Zzr/gQPkMA=
Subject key identifier:   FE:0D:9C:10:C1:10:0E:4C:63:CD:96:25:02:45:1F:AC:D1:6F:D2:22
Certificate issuer:       /CN=9FEB25155CF1AFF90AE11DA0298F164D554986F4
Certificate serial:       5E609C76B36A0FF25E675AE516E93BEBB360357B
Authority key identifier: 9F:EB:25:15:5C:F1:AF:F9:0A:E1:1D:A0:29:8F:16:4D:55:49:86:F4
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9FEB25155CF1AFF90AE11DA0298F164D554986F4.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/3130332e31302e36322e302f32342d3234203d3e203338373538.roa
Signing time:             Mon 31 Jul 2023 00:00:04 +0000
ROA not before:           Sun 30 Jul 2023 23:55:04 +0000
ROA not after:            Mon 29 Jul 2024 00:00:04 +0000
asID:                     38758
IP address blocks:        103.10.62.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/9FEB25155CF1AFF90AE11DA0298F164D554986F4.crl
                          rsync://repo-rpki.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/9FEB25155CF1AFF90AE11DA0298F164D554986F4.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9FEB25155CF1AFF90AE11DA0298F164D554986F4.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:60:9c:76:b3:6a:0f:f2:5e:67:5a:e5:16:e9:3b:eb:b3:60:35:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9FEB25155CF1AFF90AE11DA0298F164D554986F4
        Validity
            Not Before: Jul 30 23:55:04 2023 GMT
            Not After : Jul 29 00:00:04 2024 GMT
        Subject: CN=FE0D9C10C1100E4C63CD962502451FACD16FD222
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:6b:54:ef:67:6d:58:b6:2d:79:df:b8:2e:10:
                    a0:28:37:57:f5:e7:6a:8f:24:68:7c:09:bb:a9:4a:
                    9f:4b:a8:62:2a:3c:05:cd:9c:25:57:e3:9f:ad:a9:
                    13:cf:23:88:50:e5:6c:ec:ea:3c:c0:9b:31:21:8d:
                    b2:ea:37:45:44:5d:19:64:c0:3a:35:30:0f:ec:9c:
                    08:94:9b:e8:e4:5c:99:b2:3e:34:0c:74:61:67:fe:
                    ed:28:c3:32:4c:17:54:a2:14:97:29:b6:07:bb:e4:
                    26:8f:99:22:2e:65:db:63:23:0e:fd:fc:59:c8:94:
                    f1:0d:2d:4f:64:30:cd:1d:f1:62:67:52:61:0d:80:
                    10:b5:40:f2:cb:6c:91:ea:0b:7f:c9:32:6a:74:14:
                    75:4f:64:f7:87:ba:fd:cb:8c:50:c0:58:4a:19:2f:
                    19:82:bd:82:34:29:3a:7f:e0:c6:ea:89:28:34:5a:
                    58:77:6f:b3:6a:ff:36:70:d3:ac:64:d1:6a:d3:af:
                    0c:f0:fc:4c:9a:71:17:7f:35:e0:ac:56:5c:96:c8:
                    ee:9d:2f:f4:cd:59:6a:cb:8a:d2:e1:c9:de:19:b4:
                    a8:02:e4:5b:83:50:97:2b:5a:aa:2d:95:08:6c:71:
                    10:31:36:66:ba:93:cf:67:0c:8c:e5:15:a9:9d:86:
                    79:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:0D:9C:10:C1:10:0E:4C:63:CD:96:25:02:45:1F:AC:D1:6F:D2:22
            X509v3 Authority Key Identifier:
                keyid:9F:EB:25:15:5C:F1:AF:F9:0A:E1:1D:A0:29:8F:16:4D:55:49:86:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/9FEB25155CF1AFF90AE11DA0298F164D554986F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9FEB25155CF1AFF90AE11DA0298F164D554986F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/3130332e31302e36322e302f32342d3234203d3e203338373538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.10.62.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:08:ba:79:de:5c:00:25:2a:ea:b6:d6:ee:47:4d:5f:39:f6:
         7a:61:e7:5e:ff:2d:49:a1:06:a2:a0:bc:6a:8a:58:8f:40:d2:
         00:70:66:33:ba:cd:11:3a:ed:4f:9a:84:c3:35:13:4b:94:90:
         87:dd:24:1e:cd:f2:46:1e:a6:ac:2d:79:02:70:5e:38:01:6a:
         7f:65:a2:50:1e:db:5a:b4:41:66:32:3b:55:4b:8f:5a:ce:bb:
         ba:4a:af:05:63:45:85:2d:8f:4f:e3:e3:8e:5d:29:50:a2:a3:
         1c:07:f8:80:1b:99:43:f3:58:17:ad:db:23:a5:29:48:c8:bf:
         a7:ec:25:f6:32:45:92:2b:7e:16:98:b8:8a:ac:ad:e3:e4:b7:
         99:7c:51:ef:69:2b:e1:8b:ea:6e:92:29:f3:b9:37:59:14:96:
         75:83:cb:5c:be:ed:10:aa:06:11:23:ee:d8:11:40:55:1b:3f:
         dc:68:87:76:e5:ac:08:9f:bc:63:65:70:8f:f7:21:c1:83:f4:
         e8:f1:44:1c:a1:6c:ec:93:bf:67:06:e1:6f:d4:88:d6:bd:24:
         b3:2d:b5:9c:ed:0f:f8:25:9d:66:90:11:87:8a:28:6f:0d:6e:
         a0:d3:3f:33:db:33:b8:f6:6e:bc:42:c3:e8:9f:0d:2d:7c:fa:
         6e:a5:87:36
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUXmCcdrNqD/JeZ1rlFuk767NgNXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUZFQjI1MTU1Q0YxQUZGOTBBRTExREEwMjk4RjE2NEQ1
NTQ5ODZGNDAeFw0yMzA3MzAyMzU1MDRaFw0yNDA3MjkwMDAwMDRaMDMxMTAvBgNV
BAMTKEZFMEQ5QzEwQzExMDBFNEM2M0NEOTYyNTAyNDUxRkFDRDE2RkQyMjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCua1TvZ21Yti1537guEKAoN1f1
52qPJGh8CbupSp9LqGIqPAXNnCVX45+tqRPPI4hQ5Wzs6jzAmzEhjbLqN0VEXRlk
wDo1MA/snAiUm+jkXJmyPjQMdGFn/u0owzJMF1SiFJcptge75CaPmSIuZdtjIw79
/FnIlPENLU9kMM0d8WJnUmENgBC1QPLLbJHqC3/JMmp0FHVPZPeHuv3LjFDAWEoZ
LxmCvYI0KTp/4MbqiSg0Wlh3b7Nq/zZw06xk0WrTrwzw/EyacRd/NeCsVlyWyO6d
L/TNWWrLitLhyd4ZtKgC5FuDUJcrWqotlQhscRAxNma6k89nDIzlFamdhnm5AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU/g2cEMEQDkxjzZYlAkUfrNFv0iIwHwYDVR0j
BBgwFoAUn+slFVzxr/kK4R2gKY8WTVVJhvQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
YjRlMTk1ZS0xMmRlLTRjM2MtOTNlNS01MjJlZTU0MDE4ZDYvMC85RkVCMjUxNTVD
RjFBRkY5MEFFMTFEQTAyOThGMTY0RDU1NDk4NkY0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUZFQjI1MTU1Q0YxQUZGOTBBRTExREEwMjk4RjE2NEQ1NTQ5
ODZGNC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFiNGUxOTVlLTEyZGUtNGMzYy05
M2U1LTUyMmVlNTQwMThkNi8wLzMxMzAzMzJlMzEzMDJlMzYzMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMzMzgzNzM1Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnCj4wDQYJKoZIhvcN
AQELBQADggEBAAwIunneXAAlKuq21u5HTV859nph517/LUmhBqKgvGqKWI9A0gBw
ZjO6zRE67U+ahMM1E0uUkIfdJB7N8kYepqwteQJwXjgBan9lolAe21q0QWYyO1VL
j1rOu7pKrwVjRYUtj0/j445dKVCioxwH+IAbmUPzWBet2yOlKUjIv6fsJfYyRZIr
fhaYuIqsrePkt5l8Ue9pK+GL6m6SKfO5N1kUlnWDy1y+7RCqBhEj7tgRQFUbP9xo
h3blrAifvGNlcI/3IcGD9OjxRByhbOyTv2cG4W/UiNa9JLMttZztD/glnWaQEYeK
KG8NbqDTPzPbM7j2brxCw+ifDS18+m6lhzY=
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:10:04 2024 by rpki-client on console-fra.rpki-client.org